Page 1 of 1

Encrypting Alive User and Session Data - HIPPA

Posted: Thu Dec 06, 2018 7:26 am
by Ryan Deluz
You can encrypt the Alive user and session data, for example to meet HIPPA requirements.

Alive 3.0.4 or greater is required to encrypt the Alive user and session data. This data is normally stored unencrypted in your Documents folder / Alive Sessions.


WINDOWS
PART 1 - CREATE AN ENCRYPTED FILE STORE
If you are have a Professional or Enterprise version of Windows you can use BitLocker. Create a disk image, then encrypt and mount it with BitLocker.
https://www.howtogeek.com/193013/how-to ... n-windows/

You can also use VeraCrypt or any other encryption software that allows you to create mountable encrypted file containers.
https://www.veracrypt.fr
https://www.veracrypt.fr/en/Beginner%27 ... orial.html

PART 2 - COPY OR MOVE YOUR ALIVE SESSIONS FOLDER INTO THE ENCRYPTED DRIVE
1. Mount the encrypted file container so it appears as a Windows drive. Note the drive letter.
2. Your Alive Sessions folder is located in your user's Documents folder. Move or copy your Alive Sessions folder from your Documents folder into the new drive letter.
3. If you copied your Alive Sessions folder (instead of moving it) rename your old Alive Sessions folder "Alive Sessions old" so you can test if you are accessing your Alive Sessions in the new encrypted location.

PART 3 - CONFIGURE ALIVE TO USE THE NEW ENCRYPTED LOCATION
1. Click the Start Menu and type notepad, then press enter, to open Notepad.
2. Go to File -> Open and open the Session_Storage_Location.txt file in your Alive program files folder. This is probably located at C:\Program Files (x86)\Alive\Session_Storage_Location.txt.
3. Enter the root path of your mount. For example if your Alive Sessions folder is now in F:\ enter "F:\" (do not type the quotes)

PART 4 - OPEN ALIVE AND TEST
1. Open Alive (with the encrypted file mounted) and make sure you see your users. If you didn't have any users, create one.
2. Close Alive
3. Unmount your encrypted drive (this protects your files).
4. Open Alive and make sure you don't see your users (you will also probably receive an error about the path not being found).



MAC OS X
PART 1 - ENCRYPT YOUR ALIVE SESSIONS
1. Click Command + Shift + A to open the Applications folder.
2. Open the Utilities folder within Applications.
3. Open Disk Utility.
4. Open the File menu -> New Image -> Blank Image...
5. In the Save As field enter AliveEncrypted.
6. In the Name field enter Alive.
7. Click on the Image Format option menu and select sparse disk image.
8. Click on the Encryption menu and click 128-bit AES encryption.
9. Enter the password for this folder twice, and click Choose. WRITE THIS PASSWORD DOWN SOMEWHERE SAFE OR YOU WILL LOSE ALL OF YOUR ALIVE USERS AND SESSION DATA!
10. In the Size you must choose a size of the disk image. If your Alive Sessions exceed this size data will not be saved. A suggested size is 10 GB or more, but it depends on your usage. You can always create a new disk image and move the files later if needed. You will receive errors in Alive if you exceed the disk usage.
11. Click Done. By default it may save the new AliveEncrypted disk image (which has the sparseimage extension) in your Documents folder.

Make sure to never delete the AliveEncrypted disk image file!

You can see more information about creating Encrypted disk images here: https://www.laptopmag.com/articles/pass ... folder-mac

PART 2 - MOUNT (OPEN) THE ENCRYPTED SESSION FILES
1. Open your Documents folder (or wherever you saved the disk image).
2. Double click the AliveEncrypted disk image.
3. Enter your password. For security, don't store this password in your keychain.
4. You can now see in Finder, on the left side in your Devices area, an Alive mount.
5. DO THIS ONLY ONCE: The first time you mount, open your Documents folder and copy the Alive Sessions folder into the Alive mount on the left side under Devices.

PART 3 - CONFIGURE ALIVE TO USE THE MOUNTED IMAGE
1. Click Command + Shift + A to open the Applications folder.
2. Open the Alive folder.
3. Right click the Alive icon within the Alive folder and click show package contents.
4. Open Contents -> Resources then double click Session_Storage_Location.txt.
5. In Session_Storage_Location.txt delete all text and type the following text exactly (with no spaces): /Volumes/Alive

PART 4 - TEST ALIVE
1. Open Alive and make sure there are no error messages displayed on opening, and that you see all of your users displayed on the initial choose user page.
2. If Alive is working properly you can now delete or move your Documents/Alive folder. Your Alive sessions are now stored in the AliveEncrypted disk image.

PART 5 - CLOSING AND OPENING YOUR ENCRYPTED IMAGE
1. You can close/protect the Alive data by ejecting the Alive mounted image (found in Finder under Devices).
2. Before opening Alive, make sure you have the Alive image mounted (double click the AliveEncrypted image and enter your password).
3. If you forget to mount (open) the disk image before opening Alive, Alive will give you an error that it cannot create the database folder. Quit Alive, mount the disk image, then open Alive.

Re: Encrypting Alive User and Session Data - HIPPA

Posted: Mon Dec 17, 2018 6:05 pm
by gecks
This method only protects Session Data if the Computer or media is stolen, but does not protect from online-attacks (OS-Security-holes, Worms, Trojans,...).
Therefore the data should be encrypted and decrypted within alive if selected

Re: Encrypting Alive User and Session Data - HIPPA

Posted: Wed Sep 18, 2019 8:49 pm
by Ryan Deluz
Organizations that would be interested in protecting the data are generally the same ones that would need access to the raw data as files. For example to do their own analysis of the results. So, at some point, you actually need to copy data into a program and store it as an Excel, or in whatever plain text format can be used by external tools. For convenience, people generally unencrypt files when they want to use them for research, as data must be ported between programs. Of course, even data decrypted into memory could be subject to the same sort of online attacks if the OS was compromised. Its also possible to just create user names that are numbers, and then keep a separate encrypted file that matches patient names to the randomly assigned numbers that would be used as user names in Alive. Alive is not built to attempt to be HIPPA compliant, but we are trying to make some options available for those that want to use Alive and comply with HIPPA requirements.